-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Vasilios Mavroudis wrote:
Hello,
I would like to introduce our project "Crux", which enables the computation of privacy preserving statistics on sensitive data. The project was developed at University College London (UCL) by me, in close collaboration with George Danezis.
This is fantastic work. Haven't read all of your thesis yet, but it looks similar to the stats collection system that we ran for a while inside I2P, but with the privacy protections that I wanted it to have. Well done!
"Crux" was designed with Tor hidden services in mind (in accordance with this <https://research.torproject.org/techreports/hidden-service-stats-2015
- -04-28.pdf>
Tor
Tech Report), but it can be applied on various kinds of data (given an appropriate parser).
Excellent. I want to use this in I2P :)
It supports three statistics (i.e. mean, median, variance) and its threat model is compatible Tor's (see technical document below).
I will look into this, but I doubt there will be any insurmountable incompatibilities with I2P's threat model.
Currently, we don't have a parser specific for the data collected by the Tor relays, but we plan to keep adding functionality.
The source code can be found here: https://github.com/mavroudisv/Crux The theoretical background, threat model, security argument and technical details can be found here: link http://mavroudisv.eu/files/thesis.pdf
Ideas, comments, feedback much appreciated!
Firstly: needs more docs. I shouldn't have to read your entire thesis in order to figure out how to run it :P The README is a good start, but the command parameters need clarification/definitions, and it is not at all obvious how the relays work. An XLS file is also mentioned without explanation.
Secondly, you could probably simplify configuration by managing hidden service connections yourself. I believe the Stem library can do this? I2P has a python library that can be used to listen on and connect to I2P Destinations, with a socket-like interface.
It's not clear to me from your thesis whether you plan to merge the relay component into the Tor relay code (and have the Tor relays talk directly to the query processors), or have your relays running separately and interfacing with the Tor relays to fetch stats. This will potentially alter how it would be used with other networks. In I2P's case I'd imagine it would be easiest (in terms of usability by those setting up relays) to write an I2P plugin in Java that performs the relay role, but I wouldn't want to be duplicating a lot of logic that subsequently needs to be kept in-sync with upstream :)
str4d
Vasilis
_______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev